<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>kali工具箱</title>
<script src="./static/bootstrap.min.js"></script>
<link rel="stylesheet" href="./static/main.css">
<link rel="stylesheet" href="./static/bootstrap.min.css">
<style type="text/css" id="syntaxhighlighteranchor"></style>
</head>
<main class="main-container ng-scope" ng-view="">
<div class="main receptacle post-view ng-scope">
<article class="entry ng-scope" ng-controller="EntryCtrl" ui-lightbox="">
<section class="entry-content ng-binding" ng-bind-html="postContentTrustedHtml">
<h2>紫光Uniscan包装说明</h2><p style="text-align: justify;">紫光Uniscan是一个简单的远程文件包含，本地文件包含和远程命令执行漏洞扫描。 </p><p>资料来源：http://sourceforge.net/projects/uniscan/ <br> <a href="http://sourceforge.net/projects/uniscan/" variation="deepblue" target="blank">紫光Uniscan首页</a> | <a href="http://git.kali.org/gitweb/?p=packages/uniscan.git;a=summary" variation="deepblue" target="blank">卡利紫光Uniscan回购</a> </p><ul><li>作者：道格拉斯Poerschke罗查</li><li>许可：GPLv3的</li></ul><h3>包含在紫光Uniscan包工具</h3><h5>紫光Uniscan - LFI，RFI和RCE漏洞扫描器</h5><code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="bdcfd2d2c9fdd6dcd1d4">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# uniscan -h<br>
####################################<br>
# Uniscan project                  #<br>
# http://uniscan.sourceforge.net/  #<br>
####################################<br>
V. 6.2<br>
<br>
<br>
OPTIONS:<br>
    -h  help<br>
    -u  &lt;url&gt; example: https://www.example.com/<br>
    -f  &lt;file&gt; list of url's<br>
    -b  Uniscan go to background<br>
    -q  Enable Directory checks<br>
    -w  Enable File checks<br>
    -e  Enable robots.txt and sitemap.xml check<br>
    -d  Enable Dynamic checks<br>
    -s  Enable Static checks<br>
    -r  Enable Stress checks<br>
    -i  &lt;dork&gt; Bing search<br>
    -o  &lt;dork&gt; Google search<br>
    -g  Web fingerprint<br>
    -j  Server fingerprint<br>
<br>
usage:<br>
[1] perl ./uniscan.pl -u http://www.example.com/ -qweds<br>
[2] perl ./uniscan.pl -f sites.txt -bqweds<br>
[3] perl ./uniscan.pl -i uniscan<br>
[4] perl ./uniscan.pl -i "ip:xxx.xxx.xxx.xxx"<br>
[5] perl ./uniscan.pl -o "inurl:test"<br>
[6] perl ./uniscan.pl -u https://www.example.com/ -r</code><h3>紫光Uniscan贵 - LFI，RFI和RCE漏洞扫描（GUI） </h3><p>一个简单的远程文件包含，本地文件包含和远程命令执行漏洞扫描。 </p><h3>紫光Uniscan用法示例</h3><p>扫描指定的<b><i>URL（-u http://192.168.1.202/）</i></b>的漏洞，使目录和动态<b><i>检查（-qd）：</i></b> </p><code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="3b4954544f7b505a5752">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# uniscan -u http://192.168.1.202/ -qd<br>
####################################<br>
# Uniscan project                  #<br>
# http://uniscan.sourceforge.net/  #<br>
####################################<br>
V. 6.2<br>
<br>
<br>
Scan date: 16-5-2014 16:29:48<br>
===================================================================================================<br>
| Domain: http://192.168.1.202/<br>
| Server: Apache/2.2.22 (Debian)<br>
| IP: 192.168.1.202<br>
===================================================================================================<br>
|<br>
| Directory check:<br>
| [+] CODE: 200 URL: http://192.168.1.202/joomla/<br>
| [+] CODE: 200 URL: http://192.168.1.202/wordpress/<br>
===================================================================================================<br>
|<br>
| Crawler Started:<br>
| Plugin name: FCKeditor upload test v.1 Loaded.<br>
| Plugin name: Web Backdoor Disclosure v.1.1 Loaded.<br>
| Plugin name: phpinfo() Disclosure v.1 Loaded.<br>
| Plugin name: E-mail Detection v.1.1 Loaded.<br>
| Plugin name: Timthumb &lt;= 1.32 vulnerability v.1 Loaded.<br>
| Plugin name: Code Disclosure v.1.1 Loaded.<br>
| Plugin name: Upload Form Detect v.1.1 Loaded.<br>
| Plugin name: External Host Detect v.1.2 Loaded.<br>
| [+] Crawling finished, 27 URL's found!</code><h3>紫光Uniscan贵用法示例</h3><code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="bac8d5d5cefad1dbd6d3">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# uniscan-gui</code><p> <a href='full/84d9e2f860b3fd5fc6cdfadaf56ca27fddfa6434.jpg'><img src='full/84d9e2f860b3fd5fc6cdfadaf56ca27fddfa6434.jpg' alt="紫光Uniscan" width="920" class="aligncenter size-full wp-image-3663"></a> </p><div style="display:none">
<script src="//s11.cnzz.com/z_stat.php?id=1260038378&web_id=1260038378" language="JavaScript"></script>
</div>
</main></body></html>
